Thoughts on the months-late FDASIA report (based on an earlier work group report) that proposes minimal FDA oversight of healthcare information technology:
- Vendors should be breathing a sigh of relief. The report contains nothing new and in fact takes FDA further away from having health IT responsibilities.
- The report proposes that IT vendors continue to be self-regulated without FDA’s involvement, turfing any new responsibilities to ONC rather than FDA.
- The report is intended to stimulate discussion about what other parties might do. FDA’s only to-do is to “actively engage stakeholders” to implement the framework the report proposes. In other words, the report doesn’t impose responsibilities on anyone.
- The report seems uncomfortable addressing the issue that an IT system may or may not be safe depending on how its users implement and maintain it, which is a clear distinction compared to single-purpose medical devices approved for use in specific ways. That may have been the overriding factor – vendors could product a perfectly safe IT system that is rendered unsafe by how a customer does with it.
- Products will be regulated only if they post significant risk to patient safety. FDA does not propose regulating anything it isn’t already regulating. If it’s not a medical device, FDA won’t regulate it. The FDA’s definition is above, although it is more appropriate for distinguishing a medical device from a drug than for determining whether a given information technology is a medical device.
- The report proposes grouping products into three categories, but that’s irrelevant from a regulatory standpoint since the medical device category would continue to be the only one regulated.
- FDA’s recent Class 1 recall of an anesthesia information system that displayed the wrong patient information seems at odds with the draft, which says that FDA will focus only on the medical device portion of such a system.
- It’s still user beware when it comes to clinical decision support systems, order entry, and results reporting since FDA proposes no change in their current unregulated state.
- The report suggests that ONC create a Health IT Safety Center in collaboration with FDA, FCC, and AHRQ, which in effect puts IT patient safety under ONC’s purview rather than FDA’s.
- The report says that while ONC’s certification program addresses only EHRs, it has the authority to certify other health IT systems. That’s an interesting observation given that “certification” as it exists today only affects providers interested in collecting government handouts, but the implication seems to be that such certification should address all vendors and users.
- Better interoperability standards and testing criteria are needed, the report says.
- The report urges adoption of practices for healthcare IT implementation that address installation, customization, training, contracting, and downtime, suggesting the use of ONC’s SAFER Guides as a starting point.
- The report proposes that vendors and products undergo “conformity assessment” that could include product certification, testing, inspection, or vendor attestations. It suggests private industry conformity assessments except in situations where patient safety is critical, in which case government assessments would be appropriate. It mentions NIST’s usability standards.
- The report notes that vendor contract terms and customer fear of liability impede the free flow of information.
- The report agrees with IOM in suggesting that vendors be required to list products that include any degree of patient risk with ONC. That’s a new suggestion, that ONC require software vendors to register products that meet specific criteria.
- The report has a 90-day comment period, although I could find no stated process for submitting comments.
The FDASIA’s original work group whose recommendations from last summer were incorporated into this report contained an industry-friendly mix of members. By my count, 15 of the 30 members represent vendors or investors, six come from government or associations, four are academics, three are providers, one is from a testing organization, and one is a consumer.
From Jack: “Re: John Muir Health. It has been a long time coming, but we’ve arrived: our state-of-the-art electronic health record (EHR) and revenue cycle system are now live within John Muir Health! With today’s go-live, all of our hospitals, outpatient clinics, Home Health, John Muir Medical Group practices and several IPA practices are on our single, integrated EHR, as are our patients’ health records. This is great news for John Muir Health, and even better news for the patients and communities we serve. With the entire health system up and running on Epic, all patients will benefit from improved service and care coordination.”
HIStalk Announcements and Requests
Only 12 percent of respondents say they’ve benefitted as a patient from an HIE. New poll to your right: what force is to blame for the delay in ICD-10 enforcement? Clicking a radio button alone doesn’t provide much insight, which is why it would be swell if you’d click the “Comments” link at the bottom of the poll after voting to explain your position.
Thanks to the following sponsors, new and renewing, that recently supported HIStalk, HIStalk Practice, and HIStalk Connect. Click a logo for more information.
Listening: San Diego-based No Knife, apparently defunct since 2003 other than a few reunion shows. The were kind of emo-indie with quite a bit of complexity. Also: the re-formed and touring Zombies, with Rod Argent and Colin Blunstone (both 68 years old) sounding amazing on new stuff as well as “Time of the Season,” “She’s Not There” and Argent’s “Hold Your Head Up.”
I added my Twitter support to the Thunderclap project of OpenNotes. As a patient, I should able to see the notes providers have made about me. The fact that this is a controversial issue tells you how paternalistic and patient-unfriendly healthcare is.
The Twitter word that signals someone is about to do some stealth bragging: “honored” (us when humbly but firmly announcing their recent success in being published, featured as a speaker, or given a high-visibility role.)
April 9 (Wednesday) 1:00 p.m. ET. Think Beyond EDW: Using Your Data to Transform, Part 1 – Avoiding Analysis Paralysis. Sponsored by Premier. Presenters: Kristy Drollinger, senior director of population health analytics, Fairview Health Services; J.D. Whitlock, corporate director of clinical and business intelligence, Catholic Health Partners; Sean Cassidy, general manager of information technology services emerging business unit, Premier, Inc. Are you ready to invest in an integrated data platform? Do you have a strategy to make the information accessible and actionable? How will enterprise data warehousing transform care delivery? There’s more to data analytics than simply deploying an EDW. Learn what goes into becoming an information-driven enterprise in the first webinar in this series.
April 16 (Wednesday) 11:00 a.m. ET. Panel Discussion: Documents, EMRs, and Healthcare Processes. Sponsored by Levi, Ray & Shoup. Presenters: Charles Harris, senior technical lead, Duke University Health System; Ron Peel, technical advisor, LRS; and John Howerter, SVP of enterprise output management, LRS. IT department in hospitals implementing EMRs often overlook the role of document-driven workflows. Prescriptions, specimen labels, and discharge orders, and other critical documents must be reliably delivered with minimal impact on IT and clinical staff. This panel discussion will discuss the evolving use of documents in the “paperless/less-paper” environment.
Acquisitions, Funding, Business, and Stock
Interesting points on the big IPO of IMS Health. The company was taken private a few years ago and its three main private equity investors (who bought in for $5.2 billion) will nearly triple their money by taking it public again. As often happens when the private money guys take control, IMS has loaded itself with debt along the way, jumping from $1.3 billion in debt before they got involved to a current $4.9 billion. It will use the IPO proceeds to pay the debt down to $3.95 billion. Annual revenue is $2.5 billion.
Shares of athenahealth plunged 11 percent on Friday, with shares dropping 28 percent in the past month.
Etransmedia Technology licenses its Connect2Care patient engagement platform to Merge Healthcare.
Gary Lakin (Microsoft) is named CEO of Australia-based oncology vendor charmhealth.
Scanadu starts distributing its wildly hyped $199 tricorder-type diagnostic to its Indiegogo backers, but has to stop when it finds a several problems, including algorithm errors, incorrect temperature readouts, and breakdown of the machinery that creates the device’s case. The Scanadu Scout can’t be sold until approved by FDA, so the backers had to sign up as study participants. With those kinds of problems, it’s a long shot that FDA will ever approve the device.
Government and Politics
US CTO Todd Park has been minimally visible since the Healthcare.gov rollout fiasco and the ensuing Congressional subpoena, but he shared celebratory champagne with contractor QSSI early Tuesday morning after the site exceeded its goal of enrolling 7 million people.
The Wall Street Journal recaps the five states with the most problem-plagued health insurance exchanges, all covered here previously: (1) Oregon (still not working); (2) Maryland (dumping its dysfunctional system and moving to the one Connecticut developed); (3) Massachusetts (still not working); (4) Nevada (carriers are being sent incorrect information); and (5) Hawaii (not being used because state law already required employers to provide insurance).
Influential House lawmakers continued Thursday to press the Department of Defense and VA for failing to create a single EHR that would follow service members during and after their service. According to Rep. Rodney Frelinghuysen (R-NJ), who chairs the committee that funds the DoD, “It’s enormously frustrating. It makes us angry. … This is way beyond the claims backup VA has. It’s pretty damn important.” Rep. Pete Vicslosky (D-IN) added, “We fought a world war in four years. We’re talking interoperability of electronic medical records from 2008 to 2017, and I’m appalled.” The DoD’s assistant secretary of defense for health affairs says the current approach is to allow the two separate systems to talk to each other, which is says has been a problem nationally and why DoD wants to buy its own commercial product for $11 billion instead of using the VA’s VistA for free.
The State of Connecticut says that Windows XP, which finally goes off support Tuesday after Microsoft replaced it in 2008, still runs 20 percent of its computers, including all of the Department of Corrections and 43 laboratory instruments. The state is planning to pay Microsoft $250,000 to continue receiving Windows XP security patches, which may or may not keep it safe from potential HIPAA violations for running an unsupported and potentially compromised operating system. According to Microsoft, “Businesses that are governed by regulatory obligations such as HIPAA may find that they are no longer able to satisfy compliance requirements.” Another report finds that 77 percent of British companies still run XP and only a third of those surveyed plan to upgrade.
The Missouri House sends a bill to the Senate entitled the “Second Amendment Preservation Act” that would make it illegal for a healthcare professional to use an EMR that requires information about a patient’s access to firearms.
Innovation and Research
Maybe we really do need Amazon to get into healthcare. Check out its new Dash device that allows easy ordering through its AmazonFresh grocery delivery program (only available in Southern California, San Francisco, and Seattle for now.)
Billionaire AOL founder Steve Case decides on a whim to invest $100,000 each in all 10 startup teams pitching at the inaugural Google for Entrepreneurs Day. Among the companies funded is Nashville-based InvisionHeart, a Vanderbilt spinoff that is developing technology that converts EKGs to digital form for sharing in the cloud.
The local paper covers the $33 million Cerner go-live at Beebe Medical Center (DE), featuring CMIO Jeff Hawtof, MD.
The two HIEs located in Columbia, MO (Missouri Health Connection and Tiger Institute Health Alliance) say they may talk about sharing information despite disagreements that arose when Missouri Health Connection demanded that Tiger Institute pay it. The current setup means that two Columbia hospitals could be close together but unable to share information because each participates in a different HIE.